From c1c1d5cf8eca8bc2f9951389a487833e76070b21 Mon Sep 17 00:00:00 2001
From: Evan Lezar <elezar@nvidia.com>
Date: Fri, 19 Aug 2022 10:26:34 +0200
Subject: [PATCH] Specify hook structure instead of importing Podman

Signed-off-by: Evan Lezar <elezar@nvidia.com>
---
 tools/container/crio/crio.go  | 15 +++++------
 tools/container/crio/hooks.go | 50 +++++++++++++++++++++++++++++++++++
 2 files changed, 57 insertions(+), 8 deletions(-)
 create mode 100644 tools/container/crio/hooks.go

diff --git a/tools/container/crio/crio.go b/tools/container/crio/crio.go
index 8f09ba48..5e55ed61 100644
--- a/tools/container/crio/crio.go
+++ b/tools/container/crio/crio.go
@@ -1,5 +1,5 @@
 /**
-# Copyright (c) 2021, NVIDIA CORPORATION.  All rights reserved.
+# Copyright (c) 2021-2022, NVIDIA CORPORATION.  All rights reserved.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,7 +12,8 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-*/
+**/
+
 package main
 
 import (
@@ -22,8 +23,6 @@ import (
 	"path/filepath"
 
 	"github.com/NVIDIA/nvidia-container-toolkit/internal/config"
-	hooks "github.com/containers/podman/v4/pkg/hooks/1.0.0"
-	rspec "github.com/opencontainers/runtime-spec/specs-go"
 	log "github.com/sirupsen/logrus"
 	cli "github.com/urfave/cli/v2"
 )
@@ -164,20 +163,20 @@ func getHookPath(hooksDir string, hookFilename string) string {
 	return filepath.Join(hooksDir, hookFilename)
 }
 
-func generateOciHook(toolkitDir string) hooks.Hook {
+func generateOciHook(toolkitDir string) podmanHook {
 	hookPath := filepath.Join(toolkitDir, config.NVIDIAContainerRuntimeHookExecutable)
 	envPath := "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:" + toolkitDir
 	always := true
 
-	hook := hooks.Hook{
+	hook := podmanHook{
 		Version: "1.0.0",
 		Stages:  []string{"prestart"},
-		Hook: rspec.Hook{
+		Hook: specHook{
 			Path: hookPath,
 			Args: []string{filepath.Base(config.NVIDIAContainerRuntimeHookExecutable), "prestart"},
 			Env:  []string{envPath},
 		},
-		When: hooks.When{
+		When: When{
 			Always:   &always,
 			Commands: []string{".*"},
 		},
diff --git a/tools/container/crio/hooks.go b/tools/container/crio/hooks.go
new file mode 100644
index 00000000..aba31774
--- /dev/null
+++ b/tools/container/crio/hooks.go
@@ -0,0 +1,50 @@
+/**
+# Copyright (c) 2022, NVIDIA CORPORATION.  All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+**/
+
+package main
+
+// podmanHook is the hook configuration structure.
+// This is taken from `Hook` at https://github.com/containers/podman/blob/3c53200e9d61fdf95fe1da825bb2a89372551350/pkg/hooks/1.0.0/hook.go#L18
+type podmanHook struct {
+	Version string   `json:"version"`
+	Hook    specHook `json:"hook"`
+	When    When     `json:"when"`
+	Stages  []string `json:"stages"`
+}
+
+// specHook specifies a command that is run at a particular event in the lifecycle of a container
+// This is taken from `Hook` at https://github.com/opencontainers/runtime-spec/blob/9ee22abf867e374c5464c7bbe0d0db01482254ab/specs-go/config.go#L128
+type specHook struct {
+	Path    string   `json:"path"`
+	Args    []string `json:"args,omitempty"`
+	Env     []string `json:"env,omitempty"`
+	Timeout *int     `json:"timeout,omitempty"`
+}
+
+// When holds hook-injection conditions.
+// This is taken from `When` at https://github.com/containers/podman/blob/3c53200e9d61fdf95fe1da825bb2a89372551350/pkg/hooks/1.0.0/when.go#L11
+type When struct {
+	Always        *bool             `json:"always,omitempty"`
+	Annotations   map[string]string `json:"annotations,omitempty"`
+	Commands      []string          `json:"commands,omitempty"`
+	HasBindMounts *bool             `json:"hasBindMounts,omitempty"`
+
+	// Or enables any-of matching.
+	//
+	// Deprecated: this property is for is backwards-compatibility with
+	// 0.1.0 hooks.  It will be removed when we drop support for them.
+	Or bool `json:"-"`
+}